Package: linux-2.6 Version: 2.6.32-38 Severity: important Tags: patch When using a L2TP/IPSEC VPN, taking advantage of the pppol2tp kernel driver (e.g. using openl2tp), the l2tp tunnel fails when the IPSEC SA is rekeyed. This is fixed by a commit to kernel 3.2-rc5 (see https://github.com/torvalds/linux/commit/71b1391a41289735676be02e35239e5aa9fe6ba6 ) I've included a version of this patch for kernel 2.6.32-38 (current Squeeze kernel) as attachment to this bugreport. This attached patch has been verified by me to be fixing the issue in Debian Squeeze.
-- Package-specific info: ** Version: Linux version 2.6.32-5-kirkwood (Debian 2.6.32-38a~test) ([email protected]) (gcc version 4.3.5 (Debian 4.3.5-4) ) #1 Wed Aug 17 01:42:35 CEST 2011 ** Command line: console=ttyS0,115200 root=/dev/ram initrd=0xa00000,0x900000 ramdisk=32768 ** Not tainted ** Kernel log: not of importance ** Model information Processor : Feroceon 88FR131 rev 1 (v5l) Hardware : QNAP TS-119/TS-219 Revision : 0000 ** Loaded modules: Module Size Used by nls_utf8 1042 0 nls_cp437 4675 0 pppol2tp 21620 0 pppox 1608 1 pppol2tp ppp_generic 20064 2 pppol2tp,pppox slhc 4621 1 ppp_generic ctr 3241 0 camellia 21397 0 cast5 16967 0 rmd160 8978 0 sha1_generic 1717 0 hmac 2475 0 crypto_null 2122 0 ccm 7224 0 serpent 21417 0 blowfish 8262 0 twofish 7467 0 twofish_common 14498 1 twofish ecb 1739 0 xcbc 2219 0 cbc 2313 1 sha256_generic 8818 2 sha512_generic 10275 0 des_generic 16617 0 aes_generic 32820 2 xfrm_user 18537 2 ah6 4213 0 ah4 3659 0 esp6 4543 0 esp4 4763 0 xfrm4_mode_beet 1901 0 xfrm4_tunnel 1407 0 tunnel4 2035 1 xfrm4_tunnel xfrm4_mode_tunnel 1526 0 xfrm4_mode_transport 1228 0 xfrm6_mode_transport 1252 0 xfrm6_mode_ro 1072 0 xfrm6_mode_beet 1680 0 xfrm6_mode_tunnel 1454 0 ipcomp 1698 0 ipcomp6 1710 0 xfrm_ipcomp 3513 2 ipcomp,ipcomp6 xfrm6_tunnel 4567 1 ipcomp6 tunnel6 1866 1 xfrm6_tunnel af_key 32257 0 ipv6 253494 35 ah6,esp6,xfrm6_mode_beet,xfrm6_mode_tunnel,ipcomp6,xfrm6_tunnel,tunnel6 fuse 51232 1 ext2 55263 1 loop 11403 2 vfat 8136 0 fat 43553 1 vfat ext3 110940 2 jbd 37346 1 ext3 dm_crypt 11542 1 dm_mod 56499 3 dm_crypt sata_mv 24382 1 evdev 6582 0 mv643xx_eth 22530 0 libata 137822 1 sata_mv libphy 14820 1 mv643xx_eth gpio_keys 3050 0 inet_lro 5060 1 mv643xx_eth ext4 288273 1 mbcache 4860 3 ext2,ext3,ext4 jbd2 64063 1 ext4 sd_mod 31292 6 crc_t10dif 1106 1 sd_mod usb_storage 35155 3 scsi_mod 124172 3 libata,sd_mod,usb_storage ehci_hcd 36381 0 usbcore 122471 3 usb_storage,ehci_hcd nls_base 5367 5 nls_utf8,nls_cp437,vfat,fat,usbcore ** PCI devices: ** Sound cards: -- System Information: Debian Release: 6.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: armel (armv5tel) Kernel: Linux 2.6.32-5-kirkwood Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages linux-image-2.6.32-5-kirkwood depends on: ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy ii initramfs-tools [linux-initra 0.98.8 tools for generating an initramfs ii linux-base 2.6.32-38 Linux image base package ii module-init-tools 3.12-1 tools for managing Linux kernel mo Versions of packages linux-image-2.6.32-5-kirkwood recommends: ii firmware-linux-free 2.6.32-38 Binary firmware for various driver ii uboot-mkimage 0.4 generate kernel image for U-Boot Versions of packages linux-image-2.6.32-5-kirkwood suggests: pn fdutils <none> (no description available) pn linux-doc-2.6.32 <none> (no description available) Versions of packages linux-image-2.6.32-5-kirkwood is related to: pn firmware-bnx2 <none> (no description available) pn firmware-bnx2x <none> (no description available) pn firmware-ipw2x00 <none> (no description available) pn firmware-ivtv <none> (no description available) pn firmware-iwlwifi <none> (no description available) pn firmware-linux <none> (no description available) pn firmware-linux-nonfree <none> (no description available) pn firmware-qlogic <none> (no description available) pn firmware-ralink <none> (no description available) pn xen-hypervisor <none> (no description available) -- debconf information excluded
--- a/drivers/net/pppol2tp.c 2009-12-03 04:51:21.000000000 +0100 +++ b/drivers/net/pppol2tp.c 2011-12-16 14:02:15.000000000 +0100 @@ -1172,7 +1172,7 @@ /* Get routing info from the tunnel socket */ skb_dst_drop(skb); - skb_dst_set(skb, dst_clone(__sk_dst_get(sk_tun))); + skb_dst_set(skb, dst_clone(__sk_dst_check(sk_tun, 0))); pppol2tp_skb_set_owner_w(skb, sk_tun); /* Calculate UDP checksum if configured to do so */
